HCoop / jackhill / guix / guix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
guix-install.sh: don't throw away release candidates when picking the latest version
[jackhill/guix/guix.git] / etc / guix-install.sh
1 #!/bin/sh
2 # GNU Guix --- Functional package management for GNU
3 # Copyright © 2017 sharlatan <sharlatanus@gmail.com>
4 # Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
5 # Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
6 # Copyright © 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
7 # Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com>
8 # Copyright © 2020 Simon Tournier <zimon.toutoune@gmail.com>
9 # Copyright © 2020 Daniel Brooks <db48x@db48x.net>
10 #
11 # This file is part of GNU Guix.
12 #
13 # GNU Guix is free software; you can redistribute it and/or modify it
14 # under the terms of the GNU General Public License as published by
15 # the Free Software Foundation; either version 3 of the License, or (at
16 # your option) any later version.
17 #
18 # GNU Guix is distributed in the hope that it will be useful, but
19 # WITHOUT ANY WARRANTY; without even the implied warranty of
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 # GNU General Public License for more details.
22 #
23 # You should have received a copy of the GNU General Public License
24 # along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
25
26 # We require Bash but for portability we'd rather not use /bin/bash or
27 # /usr/bin/env in the shebang, hence this hack.
28 if [ "x$BASH_VERSION" = "x" ]
29 then
30 exec bash "$0" "$@"
31 fi
32
33 set -e
34
35 [ "$UID" -eq 0 ] || { echo "This script must be run as root."; exit 1; }
36
37 REQUIRE=(
38 "dirname"
39 "readlink"
40 "wget"
41 "gpg"
42 "grep"
43 "which"
44 "sed"
45 "sort"
46 "getent"
47 "mktemp"
48 "rm"
49 "chmod"
50 "uname"
51 "groupadd"
52 "tail"
53 "tr"
54 "xz"
55 )
56
57 PAS=$'[ \033[32;1mPASS\033[0m ] '
58 ERR=$'[ \033[31;1mFAIL\033[0m ] '
59 WAR=$'[ \033[33;1mWARN\033[0m ] '
60 INF="[ INFO ] "
61
62 DEBUG=0
63 GNU_URL="https://ftp.gnu.org/gnu/guix/"
64 #GNU_URL="https://alpha.gnu.org/gnu/guix/"
65 OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5"
66
67 # This script needs to know where root's home directory is. However, we
68 # cannot simply use the HOME environment variable, since there is no guarantee
69 # that it points to root's home directory.
70 ROOT_HOME="$(echo ~root)"
71
72 # ------------------------------------------------------------------------------
73 #+UTILITIES
74
75 _err()
76 { # All errors go to stderr.
77 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
78 }
79
80 _msg()
81 { # Default message to stdout.
82 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
83 }
84
85 _debug()
86 {
87 if [ "${DEBUG}" = '1' ]; then
88 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
89 fi
90 }
91
92
93 chk_require()
94 { # Check that every required command is available.
95 declare -a warn
96 local c
97
98 _debug "--- [ $FUNCNAME ] ---"
99
100 for c in "$@"; do
101 command -v "$c" &>/dev/null || warn+=("$c")
102 done
103
104 [ "${#warn}" -ne 0 ] &&
105 { _err "${ERR}Missing commands: ${warn[*]}.";
106 return 1; }
107
108 _msg "${PAS}verification of required commands completed"
109 }
110
111 chk_gpg_keyring()
112 { # Check whether the Guix release signing public key is present.
113 _debug "--- [ $FUNCNAME ] ---"
114
115 # Without --dry-run this command will create a ~/.gnupg owned by root on
116 # systems where gpg has never been used, causing errors and confusion.
117 gpg --dry-run --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev/null 2>&1 || (
118 _err "${ERR}Missing OpenPGP public key. Fetch it with this command:"
119 echo " wget 'https://sv.gnu.org/people/viewgpg.php?user_id=15145' -qO - | sudo -i gpg --import -"
120 exit 1
121 )
122 }
123
124 chk_term()
125 { # Check for ANSI terminal for color printing.
126 local ansi_term
127
128 if [ -t 2 ]; then
129 if [ "${TERM+set}" = 'set' ]; then
130 case "$TERM" in
131 xterm*|rxvt*|urxvt*|linux*|vt*|eterm*|screen*)
132 ansi_term=true
133 ;;
134 *)
135 ansi_term=false
136 ERR="[ FAIL ] "
137 PAS="[ PASS ] "
138 ;;
139 esac
140 fi
141 fi
142 }
143
144 chk_init_sys()
145 { # Return init system type name.
146 if [[ $(/sbin/init --version 2>/dev/null) =~ upstart ]]; then
147 _msg "${INF}init system is: upstart"
148 INIT_SYS="upstart"
149 return 0
150 elif [[ $(systemctl 2>/dev/null) =~ -\.mount ]]; then
151 _msg "${INF}init system is: systemd"
152 INIT_SYS="systemd"
153 return 0
154 elif [[ -f /etc/init.d/cron && ! -h /etc/init.d/cron ]]; then
155 _msg "${INF}init system is: sysv-init"
156 INIT_SYS="sysv-init"
157 return 0
158 elif [[ $(openrc --version 2>/dev/null) =~ \(OpenRC\) ]]; then
159 _msg "${INF}init system is: OpenRC"
160 INIT_SYS="openrc"
161 return 0
162 else
163 INIT_SYS="NA"
164 _err "${ERR}Init system could not be detected."
165 fi
166 }
167
168 chk_sys_arch()
169 { # Check for operating system and architecture type.
170 local os
171 local arch
172
173 os="$(uname -s)"
174 arch="$(uname -m)"
175
176 case "$arch" in
177 i386 | i486 | i686 | i786 | x86)
178 local arch=i686
179 ;;
180 x86_64 | x86-64 | x64 | amd64)
181 local arch=x86_64
182 ;;
183 aarch64)
184 local arch=aarch64
185 ;;
186 armv7l)
187 local arch=armhf
188 ;;
189 *)
190 _err "${ERR}Unsupported CPU type: ${arch}"
191 exit 1
192 esac
193
194 case "$os" in
195 Linux | linux)
196 local os=linux
197 ;;
198 *)
199 _err "${ERR}Your operation system (${os}) is not supported."
200 exit 1
201 esac
202
203 ARCH_OS="${arch}-${os}"
204 }
205
206 chk_sys_nscd()
207 { # Check if nscd is up and suggest to start it or install it
208 if [ "$(type -P pidof)" ]; then
209 if [ ! "$(pidof nscd)" ]; then
210 _msg "${WAR}We recommend installing and/or starting your distribution 'nscd' service"
211 _msg "${WAR}Please read 'info guix \"Application Setup\"' about \"Name Service Switch\""
212 fi
213 else
214 _msg "${INF}We cannot determine if your distribution 'nscd' service is running"
215 _msg "${INF}Please read 'info guix \"Application Setup\"' about \"Name Service Switch\""
216 fi
217 }
218
219 # ------------------------------------------------------------------------------
220 #+MAIN
221
222 guix_get_bin_list()
223 { # Scan GNU archive and save list of binaries
224 local gnu_url="$1"
225 local -a bin_ver_ls
226 local latest_ver
227 local default_ver
228
229 _debug "--- [ $FUNCNAME ] ---"
230
231 # Filter only version and architecture
232 bin_ver_ls=("$(wget -qO- "$gnu_url" \
233 | sed -n -e 's/.*guix-binary-\([0-9.]*[a-z0-9]*\)\..*.tar.xz.*/\1/p' \
234 | sort -Vu)")
235
236 latest_ver="$(echo "$bin_ver_ls" \
237 | grep -oE "([0-9]{1,2}\.){2}[0-9]{1,2}[a-z0-9]*" \
238 | tail -n1)"
239
240 default_ver="guix-binary-${latest_ver}.${ARCH_OS}"
241
242 if [[ "${#bin_ver_ls}" -ne "0" ]]; then
243 _msg "${PAS}Release for your system: ${default_ver}"
244 else
245 _err "${ERR}Could not obtain list of Guix releases."
246 exit 1
247 fi
248
249 # Use default to download according to the list and local ARCH_OS.
250 BIN_VER="$default_ver"
251 }
252
253 guix_get_bin()
254 { # Download and verify binary package.
255 local url="$1"
256 local bin_ver="$2"
257 local dl_path="$3"
258
259 _debug "--- [ $FUNCNAME ] ---"
260
261 _msg "${INF}Downloading Guix release archive"
262
263 wget --help | grep -q '\--show-progress' && \
264 _PROGRESS_OPT="-q --show-progress" || _PROGRESS_OPT=""
265 wget $_PROGRESS_OPT -P "$dl_path" "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"
266
267 if [[ "$?" -eq 0 ]]; then
268 _msg "${PAS}download completed."
269 else
270 _err "${ERR}could not download ${url}/${bin_ver}.tar.xz."
271 exit 1
272 fi
273
274 pushd $dl_path >/dev/null
275 gpg --verify "${bin_ver}.tar.xz.sig" >/dev/null 2>&1
276 if [[ "$?" -eq 0 ]]; then
277 _msg "${PAS}Signature is valid."
278 popd >/dev/null
279 else
280 _err "${ERR}could not verify the signature."
281 exit 1
282 fi
283 }
284
285 sys_create_store()
286 { # Unpack and install /gnu/store and /var/guix
287 local pkg="$1"
288 local tmp_path="$2"
289
290 _debug "--- [ $FUNCNAME ] ---"
291
292 cd "$tmp_path"
293 tar --extract \
294 --file "$pkg" &&
295 _msg "${PAS}unpacked archive"
296
297 if [[ -e "/var/guix" || -e "/gnu" ]]; then
298 _err "${ERR}A previous Guix installation was found. Refusing to overwrite."
299 exit 1
300 else
301 _msg "${INF}Installing /var/guix and /gnu..."
302 mv "${tmp_path}/var/guix" /var/
303 mv "${tmp_path}/gnu" /
304 fi
305
306 _msg "${INF}Linking the root user's profile"
307 mkdir -p "${ROOT_HOME}/.config/guix"
308 ln -sf /var/guix/profiles/per-user/root/current-guix \
309 "${ROOT_HOME}/.config/guix/current"
310
311 GUIX_PROFILE="${ROOT_HOME}/.config/guix/current"
312 source "${GUIX_PROFILE}/etc/profile"
313 _msg "${PAS}activated root profile at ${ROOT_HOME}/.config/guix/current"
314 }
315
316 sys_create_build_user()
317 { # Create the group and user accounts for build users.
318
319 _debug "--- [ $FUNCNAME ] ---"
320
321 if [ $(getent group guixbuild) ]; then
322 _msg "${INF}group guixbuild exists"
323 else
324 groupadd --system guixbuild
325 _msg "${PAS}group <guixbuild> created"
326 fi
327
328 for i in $(seq -w 1 10); do
329 if id "guixbuilder${i}" &>/dev/null; then
330 _msg "${INF}user is already in the system, reset"
331 usermod -g guixbuild -G guixbuild \
332 -d /var/empty -s "$(which nologin)" \
333 -c "Guix build user $i" \
334 "guixbuilder${i}";
335 else
336 useradd -g guixbuild -G guixbuild \
337 -d /var/empty -s "$(which nologin)" \
338 -c "Guix build user $i" --system \
339 "guixbuilder${i}";
340 _msg "${PAS}user added <guixbuilder${i}>"
341 fi
342 done
343 }
344
345 sys_enable_guix_daemon()
346 { # Run the daemon, and set it to automatically start on boot.
347
348 local info_path
349 local local_bin
350 local var_guix
351
352 _debug "--- [ $FUNCNAME ] ---"
353
354 info_path="/usr/local/share/info"
355 local_bin="/usr/local/bin"
356 var_guix="/var/guix/profiles/per-user/root/current-guix"
357
358 case "$INIT_SYS" in
359 upstart)
360 { initctl reload-configuration;
361 cp "${ROOT_HOME}/.config/guix/current/lib/upstart/system/guix-daemon.conf" \
362 /etc/init/ &&
363 start guix-daemon; } &&
364 _msg "${PAS}enabled Guix daemon via upstart"
365 ;;
366 systemd)
367 { # systemd .mount units must be named after the target directory.
368 # Here we assume a hard-coded name of /gnu/store.
369 # XXX Work around <https://issues.guix.gnu.org/41356> until next release.
370 if [ -f "${ROOT_HOME}/.config/guix/current/lib/systemd/system/gnu-store.mount" ]; then
371 cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/gnu-store.mount" \
372 /etc/systemd/system/;
373 chmod 664 /etc/systemd/system/gnu-store.mount;
374 systemctl daemon-reload &&
375 systemctl enable gnu-store.mount;
376 fi
377
378 cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/guix-daemon.service" \
379 /etc/systemd/system/;
380 chmod 664 /etc/systemd/system/guix-daemon.service;
381
382 # Work around <https://bugs.gnu.org/36074>, present in 1.0.1.
383 sed -i /etc/systemd/system/guix-daemon.service \
384 -e "s/GUIX_LOCPATH='/'GUIX_LOCPATH=/";
385
386 # Work around <https://bugs.gnu.org/35671>, present in 1.0.1.
387 if ! grep en_US /etc/systemd/system/guix-daemon.service >/dev/null;
388 then sed -i /etc/systemd/system/guix-daemon.service \
389 -e 's/^Environment=\(.*\)$/Environment=\1 LC_ALL=en_US.UTF-8';
390 fi;
391
392 systemctl daemon-reload &&
393 systemctl enable guix-daemon &&
394 systemctl start guix-daemon; } &&
395 _msg "${PAS}enabled Guix daemon via systemd"
396 ;;
397 sysv-init)
398 { mkdir -p /etc/init.d;
399 cp "${ROOT_HOME}/.config/guix/current/etc/init.d/guix-daemon" \
400 /etc/init.d/guix-daemon;
401 chmod 775 /etc/init.d/guix-daemon;
402
403 update-rc.d guix-daemon defaults &&
404 update-rc.d guix-daemon enable &&
405 service guix-daemon start; } &&
406 _msg "${PAS}enabled Guix daemon via sysv"
407 ;;
408 openrc)
409 { mkdir -p /etc/init.d;
410 cp "${ROOT_HOME}/.config/guix/current/etc/openrc/guix-daemon" \
411 /etc/init.d/guix-daemon;
412 chmod 775 /etc/init.d/guix-daemon;
413
414 rc-update add guix-daemon default &&
415 rc-service guix-daemon start; } &&
416 _msg "${PAS}enabled Guix daemon via OpenRC"
417 ;;
418 NA|*)
419 _msg "${ERR}unsupported init system; run the daemon manually:"
420 echo " ${ROOT_HOME}/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild"
421 ;;
422 esac
423
424 _msg "${INF}making the guix command available to other users"
425
426 [ -e "$local_bin" ] || mkdir -p "$local_bin"
427 ln -sf "${var_guix}/bin/guix" "$local_bin"
428
429 [ -e "$info_path" ] || mkdir -p "$info_path"
430 for i in ${var_guix}/share/info/*; do
431 ln -sf "$i" "$info_path"
432 done
433 }
434
435 sys_authorize_build_farms()
436 { # authorize the public key of the build farm
437 while true; do
438 read -p "Permit downloading pre-built package binaries from the project's build farm? (yes/no) " yn
439 case $yn in
440 [Yy]*) guix archive --authorize < "${ROOT_HOME}/.config/guix/current/share/guix/ci.guix.gnu.org.pub" &&
441 _msg "${PAS}Authorized public key for ci.guix.gnu.org";
442 break;;
443 [Nn]*) _msg "${INF}Skipped authorizing build farm public keys"
444 break;;
445 *) _msg "Please answer yes or no.";
446 esac
447 done
448 }
449
450 sys_create_init_profile()
451 { # Create /etc/profile.d/guix.sh for better desktop integration
452 # This will not take effect until the next shell or desktop session!
453 [ -d "/etc/profile.d" ] || mkdir /etc/profile.d # Just in case
454 cat <<"EOF" > /etc/profile.d/guix.sh
455 # _GUIX_PROFILE: `guix pull` profile
456 _GUIX_PROFILE="$HOME/.config/guix/current"
457 if [ -L $_GUIX_PROFILE ]; then
458 export PATH="$_GUIX_PROFILE/bin${PATH:+:}$PATH"
459 # Export INFOPATH so that the updated info pages can be found
460 # and read by both /usr/bin/info and/or $GUIX_PROFILE/bin/info
461 # When INFOPATH is unset, add a trailing colon so that Emacs
462 # searches 'Info-default-directory-list'.
463 export INFOPATH="$_GUIX_PROFILE/share/info:$INFOPATH"
464 fi
465
466 # GUIX_PROFILE: User's default profile
467 GUIX_PROFILE="$HOME/.guix-profile"
468 [ -L $GUIX_PROFILE ] || return
469 GUIX_LOCPATH="$GUIX_PROFILE/lib/locale"
470 export GUIX_PROFILE GUIX_LOCPATH
471
472 [ -f "$GUIX_PROFILE/etc/profile" ] && . "$GUIX_PROFILE/etc/profile"
473
474 # set XDG_DATA_DIRS to include Guix installations
475 export XDG_DATA_DIRS="$GUIX_PROFILE/share:${XDG_DATA_DIRS:-/usr/local/share/:/usr/share/}"
476 EOF
477 }
478
479 sys_create_shell_completion()
480 { # Symlink supported shell completions system-wide
481
482 var_guix=/var/guix/profiles/per-user/root/current-guix
483 bash_completion=/etc/bash_completion.d
484 zsh_completion=/usr/share/zsh/site-functions
485 fish_completion=/usr/share/fish/vendor_completions.d
486
487 { # Just in case
488 for dir_shell in $bash_completion $zsh_completion $fish_completion; do
489 [ -d "$dir_shell" ] || mkdir -p $dir_shell
490 done;
491
492 ln -sf ${var_guix}/etc/bash_completion.d/* "$bash_completion";
493 ln -sf ${var_guix}/share/zsh/site-functions/* "$zsh_completion";
494 ln -sf ${var_guix}/share/fish/vendor_completions.d/* "$fish_completion"; } &&
495 _msg "${PAS}installed shell completion"
496 }
497
498
499 welcome()
500 {
501 cat<<"EOF"
502 ░░░ ░░░
503 ░░▒▒░░░░░░░░░ ░░░░░░░░░▒▒░░
504 ░░▒▒▒▒▒░░░░░░░ ░░░░░░░▒▒▒▒▒░
505 ░▒▒▒░░▒▒▒▒▒ ░░░░░░░▒▒░
506 ░▒▒▒▒░ ░░░░░░
507 ▒▒▒▒▒ ░░░░░░
508 ▒▒▒▒▒ ░░░░░
509 ░▒▒▒▒▒ ░░░░░
510 ▒▒▒▒▒ ░░░░░
511 ▒▒▒▒▒ ░░░░░
512 ░▒▒▒▒▒░░░░░
513 ▒▒▒▒▒▒░░░
514 ▒▒▒▒▒▒░
515 _____ _ _ _ _ _____ _
516 / ____| \ | | | | | / ____| (_)
517 | | __| \| | | | | | | __ _ _ ___ __
518 | | |_ | . ' | | | | | | |_ | | | | \ \/ /
519 | |__| | |\ | |__| | | |__| | |_| | |> <
520 \_____|_| \_|\____/ \_____|\__,_|_/_/\_\
521
522 This script installs GNU Guix on your system
523
524 https://www.gnu.org/software/guix/
525 EOF
526 echo -n "Press return to continue..."
527 read -r ANSWER
528 }
529
530 main()
531 {
532 local tmp_path
533 welcome
534
535 _msg "Starting installation ($(date))"
536
537 chk_term
538 chk_require "${REQUIRE[@]}"
539 chk_gpg_keyring
540 chk_init_sys
541 chk_sys_arch
542 chk_sys_nscd
543
544 _msg "${INF}system is ${ARCH_OS}"
545
546 umask 0022
547 tmp_path="$(mktemp -t -d guix.XXX)"
548
549 guix_get_bin_list "${GNU_URL}"
550 guix_get_bin "${GNU_URL}" "${BIN_VER}" "$tmp_path"
551
552 sys_create_store "${BIN_VER}.tar.xz" "${tmp_path}"
553 sys_create_build_user
554 sys_enable_guix_daemon
555 sys_authorize_build_farms
556 sys_create_init_profile
557 sys_create_shell_completion
558
559 _msg "${INF}cleaning up ${tmp_path}"
560 rm -r "${tmp_path}"
561
562 _msg "${PAS}Guix has successfully been installed!"
563 _msg "${INF}Run 'info guix' to read the manual."
564
565 # Required to source /etc/profile in desktop environments.
566 _msg "${INF}Please log out and back in to complete the installation."
567 }
568
569 main "$@"
jackhill's copy of GNU Guix: https://guix.gnu.org/